<?php
function db_connect()
{
	$connectString = "host='".DB_SERVER."' user='".DB_USER."' password='".DB_PASSWORD."' dbname='".DB_NAME."'";
   $result = pg_connect($connectString); 
   if (!$result) return false;
   return $result;
}


function db_insert($insert)
{
	if(db_connect())
	{
		if(pg_query($insert)) return true;
		else return false;
	}
	else return false;
}




function rand_ascii($length = 1)
{
	srand((double) microtime() * 1000000);
	$s = "";
	for($i=1;$i<=$length;$i++) $s .= chr(rand(40,126));
	return $s;
}

function login($username, $input_password) {
// check username and password with db
// connect to db
$username = strtolower($username);
$conn = db_connect();
if (!$conn) return false;
// Get password and user_id from database
$result = pg_query("SELECT password, user_id FROM user WHERE user_name='$username'");

if (pg_num_rows($result) == 0)  return 'no_username';
if (pg_num_rows($result) > 1)  return 'too_many_username';
//now that we know we have one record to deal with do the following
$password = pg_fetch_result($result,0,"password");
if (crypt($input_password,$password) != $password) { return 'wrong_password'; }
//Process record that was returned, set session variables
if (crypt($input_password,$password) == $password) {
$attendee_id = pg_fetch_result($result,0,"user_id");
$values = get_user_info($attendee_id);
$username = $values['user_name'];
$admin = $values['admin'];
$last_login = $values['last_login'];
$_SESSION['user_id'] = $attendee_id;
$_SESSION['username'] = $username;
//$_SESSION['admin'] = $admin;
$_SESSION['last_login'] = $last_login;
//Set last_login time to the current time.
$query = "UPDATE attendee SET last_login = 'now()' WHERE user_id = '$user_id'";
pg_query("$query");
return true;
}
else return false;
}

function get_user_info()
{
	
}

?>